Port 875: rquotad — The remote quota enforcer for NFS

Port 875 carries rquotad (Remote Quota Daemon), an RPC service that reports disk quotas for users accessing filesystems over NFS. NFS handles file sharing across networks, but it deliberately doesn't implement quota management. Port 875 fills that gap.

The Problem It Solves

When you mount a remote filesystem over NFS, you can read and write files as if they were local. But there's a problem: NFS itself has no concept of disk quotas. It doesn't know—and doesn't care—how much space you're allowed to use on the remote server.

Without rquotad, users could accidentally (or intentionally) fill up remote disks. System administrators couldn't enforce quotas across the network. The quota command would show nothing for NFS-mounted filesystems, even though quotas were configured on the remote server.

rquotad solves this. It runs on the NFS server and answers quota queries from remote clients. When you run quota on your local machine, it contacts the rquotad service on port 875 of the remote server and retrieves your quota information.

How It Works

rquotad is built on Sun Microsystems' RPC (Remote Procedure Call) framework, specifically using ONC-RPC program number 100011.¹ This program number is officially assigned to "disk quotas" with the short name "rquota" in RFC 5531.²

The protocol is simple:

1. Client mounts a remote filesystem via NFS — The filesystem is now accessible, but quota information isn't transmitted through NFS
2. Client runs quota command — The quota client needs to know disk usage limits
3. RPC call to port 875 — The client contacts rquotad on the NFS server
4. Server responds with quota data — How much space used, how much allowed, hard limits, soft limits, grace periods
5. Client displays the information — The user sees their quota status for the remote filesystem

The service can also be used by edquota to set quotas on remote filesystems, though this requires specific compilation flags and the -S command-line option.³

The NFS Connection

NFS (Network File System) was designed to share files, not to manage quotas. This was a deliberate architectural decision—NFS handles the filesystem operations (read, write, create, delete), while auxiliary services handle other concerns.

Quotas are one of those auxiliary concerns. They're critical for multi-user systems (universities, enterprises, shared hosting), but they're not part of the core file-sharing protocol. So NFS servers run rquotad alongside the main NFS services (mountd, nfsd, statd) to provide quota information to clients.

This is why port 875 exists. It's the dedicated channel for quota queries in the NFS ecosystem.

Port Configuration

By default, rquotad listens on UDP and TCP port 875.⁴ This port assignment allows the service to work through firewalls, which is essential for NFS deployments where the server and clients are separated by network security boundaries.

On Red Hat-based systems (RHEL, CentOS, Fedora), the port can be configured in /etc/sysconfig/nfs using the RQUOTAD_PORT variable:

RQUOTAD_PORT=875

On Ubuntu and Debian systems, similar configuration is available through /etc/default/quota or command-line options when starting the service.

If you need to run rquotad on a different port (for example, to avoid conflicts or comply with firewall policies), you can specify it with the -p flag:

rpc.rquotad -p 876

Checking What's Listening

To see if rquotad is running on port 875:

# Check if anything is listening on port 875
sudo lsof -i :875

# Or use netstat
sudo netstat -tuln | grep 875

# Check RPC services (shows rquotad with program number 100011)
rpcinfo -p localhost

The rpcinfo command is particularly useful because rquotad is an RPC service. You'll see output like:

program vers proto   port  service
100011    1   udp    875  rquotad
100011    2   udp    875  rquotad
100011    1   tcp    875  rquotad
100011    2   tcp    875  rquotad

This shows rquotad running on port 875 for both version 1 and version 2 of the protocol, over both UDP and TCP.

Security Considerations

rquotad is an RPC service, which means it's subject to the same security concerns as other RPC-based protocols:

Firewall configuration — If you're running NFS across network boundaries, port 875 needs to be open for quota information to flow. But only open it to trusted networks—exposing RPC services to the public Internet is dangerous.

RPC vulnerabilities — Older versions of RPC services have had security vulnerabilities. Keep your quota tools package updated. On most Linux distributions, rquotad is part of the quota or quota-tools package.

Information disclosure — rquotad reveals disk usage information for users. This isn't necessarily sensitive, but it does leak information about who's using the system and how much space they're consuming.

No authentication — By default, rquotad trusts the RPC authentication provided by the client. In environments where users might impersonate each other, this can be problematic. NFS security (Kerberos, sec=krb5) can help, but rquotad itself doesn't add additional authentication layers.

The Bigger Picture

Port 875 is part of the constellation of services that make NFS work in production environments:

• Port 111 — portmapper/rpcbind (RPC service registry)
• Port 2049 — nfsd (the main NFS daemon)
• Port 875 — rquotad (quota information)
• Dynamic ports — mountd, statd, lockd (often configured to use fixed ports for firewall traversal)

Together, these services turn a simple file-sharing protocol into a complete network filesystem solution. Without rquotad, NFS would work fine for file sharing—but quota enforcement would be impossible across the network.

History

The Remote Quota Protocol (RQUOTA) emerged from Sun Microsystems' work on NFS and RPC in the 1980s. While there's no dedicated RFC specifying the RQUOTA protocol in detail, it's referenced in RFC 5531 (RPC: Remote Procedure Call Protocol Specification Version 2), which documents RPC program number 100011 as assigned to "disk quotas."¹

The protocol has two versions:

• Version 1 — Original implementation
• Version 2 — Extended to support larger quota values and additional quota types

Modern implementations of rpc.rquotad support both versions for backward compatibility.

Modern Usage

In 2026, rquotad is still in use wherever NFS is deployed with quota enforcement:

• Universities — Shared home directories with per-user quotas
• Research institutions — Collaborative storage with project-based quotas
• Enterprise environments — Departmental file servers with quota policies
• Cloud providers — NFS-based storage offerings with capacity limits

However, newer storage solutions (distributed filesystems like Ceph, GlusterFS, or cloud-native storage) often implement quotas differently. They may not use port 875 at all—quotas might be enforced through their own protocols or management interfaces.